130 matches found
RHCOS 4 : OpenShift Container Platform 4.14.35 (RHSA-2024:5436)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5436 advisory. - golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 -...
MiracleLinux 8 : grafana-9.2.10-17.el8_10 (AXSA:2024-8676:11)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8676:11 advisory. golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-2478...
TencentOS Server 4: golang (TSSA-2024:0493)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0493 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: grafana (TSSA-2024:0391)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0391 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: go-toolset:rhel8 (TSSA-2024:0804)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0804 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0265: go-toolset:rhel8 (ALINUX3-SA-2024:0265)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0265 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-24790: The various Is methods IsPrivate,...
Alibaba Cloud Linux 3 : 0184: grafana (ALINUX3-SA-2024:0184)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0184 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-24788: A malformed DNS message in...
Moderate: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: crypto/tls: panic when processing post-handshake message on QUIC connections...
RLSA-2024:5291 Moderate: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 golang: archive/zip: Incorrect handling of certain ZIP files CVE-2024-24789 golang: net/netip:...
Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak for Network Automation
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for Network Automation 2.7.8 Vulnerability Details CVEID:CVE-2024-24790 DESCRIPTION: An unspecified error related to various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses in the...
Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Golang Go (CVE-2024-24790)
Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Golang Go. For more information about the vulnerability impact, refer to the table in the "Related Information" section. This Security Bulletin relates only to the direct usage of third-party components by IBM...
Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 279. Vulnerability Details CVEID:CVE-2024-24790 DESCRIPTION: An unspecified error related to various Is methods IsPrivate, IsLoopback, etc did not work as expected for...
Linux Distros Unpatched Vulnerability : CVE-2024-24790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true...
openSUSE Security Advisory (SUSE-SU-2024:1969-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
terraform-provider-oci-fips security update
6.25.0-2.el9 - Rebuild on golang-boringcrypto 1.22.11 to fix CVE-2024-24790 Alex Burmashev CVE-2024-24790...
Oracle Linux 8 / 9 : terraform-provider-oci-fips (ELSA-2025-31356)
The remote Oracle Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-31356 advisory. 6.25.0-2.el9 - Rebuild on golang-boringcrypto 1.22.11 to fix CVE-2024-24790 Alex Burmashev CVE-2024-24790 Tenable has extracted the preceding description...
google-osconfig-agent-20250115.01-1.1 on GA media (moderate)
google-osconfig-agent-20250115.01-1.1 on GA media Announcement ID: openSUSE-SU-2025:14723-1 Rating: moderate Cross-References: CVE-2024-24790 CVSS scores: CVE-2024-24790 SUSE : 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L Affected Products: openSUSE Tumbleweed An update that solves one...
SUSE SLES15 / openSUSE 15 Security Update : google-osconfig-agent (SUSE-SU-2025:0302-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:0302-1 advisory. - Update to version 20250115.01 bsc1236406, bsc1236407 - CVE-2024-24790: Bump the golang compiler version to 1.22.4 bsc1225974...
openSUSE Security Advisory (SUSE-SU-2025:0302-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for google-osconfig-agent
This update for google-osconfig-agent fixes the following issues: Update to version 20250115.01 bsc1236406, bsc1236407 CVE-2024-24790: Bump the golang compiler version to 1.22.4 bsc1225974 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...